Missing authentication for critical function...
Critical severity
Unreviewed
Published
Nov 16, 2023
to the GitHub Advisory Database
•
Updated Dec 14, 2023
Description
Published by the National Vulnerability Database
Nov 16, 2023
Published to the GitHub Advisory Database
Nov 16, 2023
Last updated
Dec 14, 2023
Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.
References